On Sun, Jan 01, 2017 at 08:36:43PM +0000, Simon Hobson wrote:
> Hendrik Boom <hendrik@???> wrote:
>
> >> Which caching daemon are you using?
> >
> > That's one of the things I don't know. I suspect it's whatever
> > the devuan installer provided me long ago.
> >
> > How do I find out?
>
> What do /etc/resolv.conf and /etc/nssswitch.conf have in them ?
> Though to be honest, other than the systems I have BIND running on,
> DNS resolution is something of a black box to me.
hendrik@notlookedfor:~$ cat /etc/resolv.conf
domain topoi.pooq.com
search topoi.pooq.com
nameserver 8.8.8.8
nameserver 8.8.4.4
hendrik@notlookedfor:~$ cat /etc/nssswitch.conf
cat: /etc/nssswitch.conf: No such file or directory
hendrik@notlookedfor:~$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat
group: compat
shadow: compat
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
hendrik@notlookedfor:~$
>
> > By the way, the cache poisoning isn't an immediate problem. I've had it
> > in the past, it was a nuisance, but eventually the cache entry expired
> > after a few weeks.
>
> That's unusual, I don't see many DNS records with TTLs that are weeks long.
We are talking about accessing misconfigured DNS servers.
It's also possible that something else in the system was doing its own
caching, such as a browser.
-- hendrik
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng